Google Faces Lawsuit For Tracking Users In Privacy Mode

Uploaded on 2020-06-12 in TECHNOLOGY-Key Areas-Social Media, FREE TO VIEW, BUSINESS-Services-Law

Google is being sued in a US class action which accuses the search company of invading the privacy of millions of users by pervasively tracking their Internet use through browsers set in “private” mode.

According to the complaint filed in the federal court in California, Google gathers data through Google Analytics, Google Ad Manager and other applications and website plug-ins, including smartphone apps, regardless of whether users click on Google-supported ads. 

Google uses this data to learn about private browsing habits of Chrome users, ranging from seemingly innocuous data that can be used for ad-targeting, such as information about hobbies, interests and favorite foods, to the “most intimate and potentially embarrassing things” that people may search for online, according to the complaint.

Google “cannot continue to engage in the covert and unauthorised data collection from virtually every American with a computer or phone,” the complaint said.

The technology problem at the root of the report is a feature called incognito mode in the Chrome browser, which ironically is one that is supposed to protect people when surfing the internet. Chrome users can turn on incognito mode to protect their browsing history, sessions and cookies from websites that want to use this information for marketing or ad-targeting purposes.
However, the feature has long had a problem in that even when using their mode, people’s activity has still been detectable by websites “for years” due to a FileSystem API implementation, Google Chrome developer Paul Irish has tweeted.

Though Google said it implemented the FileSystem API in a different way in Chrome 76, released last year, the problem persists even in the latest version of Chrome 83, which was released recently, according to a report in ZDNet.

It remains possible to detect incognito mode in Chrome, as well as other Chromium-based browsers, such as Edge, Opera, Vivaldi, and Brave, which share the core of Chrome’s codebase. The complaint claims that Google has yet to set a timeframe to fix the issue.

Search-engine rival DuckDuckGo used news of the class-action suit as an opportunity to laud its own technology, which it offers as an alternative to Google search as a way to allow people to search and use the web privately.

Google Developers:          Reuters:         ZDNet:       Threatpost:     

You Might Also Read: 

The Age Of Surveillance Capitalism Dawns:

Google Challenged For Collecting American Health Data:

 

 

 

« Attacks On Anti-Racism Sites Surge
Nuclear Missile Contractor Hacked »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

SSL247

SSL247

SSL247 is Europe's leading Web Security Consultancy Firm. We enjoy long-standing partnerships with Certificate Authorities including Symantec, GlobalSign, Entrust Datacard, Comodo, Thales and Qualys.

Advent IM

Advent IM

Advent IM is one of the UK’s leading independent cyber security specialists, with a unique approach to providing holistic security management solutions.

Mimecast

Mimecast

Mimecast delivers cloud-based email management for Microsoft Exchange and Microsoft Office 365 including archiving, continuity and security.

Resilient Information Systems Security (RISS)

Resilient Information Systems Security (RISS)

RISS is a research group is in the Department of Computing at Imperial College London.

Kroll

Kroll

Kroll provides clients a way to build, protect and maximize value through our differentiated financial and risk advisory and intelligence.

SecureKey Technologies

SecureKey Technologies

SecureKey is a leading identity and authentication provider that simplifies consumer access to online services and applications.

Nextcloud

Nextcloud

Nextcloud offers offers solutions to the combined need of security and ubiquitous access to data and collaboration technology.

ACM-CCAS

ACM-CCAS

ACM is a UKAS-accredited certification body helping businesses around the world perform to a higher standard. Our certifications include ISO 27001 and ISO 22301.

BIO-key

BIO-key

BIO-key is a pioneer and innovator, we are recognized as a leading developer of fingerprint biometric authentication and security solutions.

Grayshift

Grayshift

Grayshift is the leading provider of mobile device digital forensics, specializing in lawful access and extraction.

SecurelyShare Software

SecurelyShare Software

SecurelyShare Software is a security software company, specializing in data security, data privacy and data governance.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

InnovateHer

InnovateHer

At InnovateHer, our vision is to make the tech sector more equitable, by increasing diversity across the spectrum and creating more inclusive workplaces.

Slide

Slide

Slide is a modern, security-first Business Continuity & Disaster Recovery (BCDR) company built exclusively for Managed Service Providers.

Black Bison Cyber

Black Bison Cyber

Black Bison Cyber is a premier cybersecurity firm specializing in elite, discreet, and highly personalized digital protection for high-profile individuals and executives.